lark-doc

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to extract and reuse document/wiki/file tokens (e.g., putting token values into CLI JSON params like --params '{"token":"..."}' and using returned board_tokens in subsequent commands), which requires including secret/token values verbatim in generated requests/commands.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests user-generated cloud documents (references/lark-doc-fetch.md and references/lark-doc-search.md) and also auto-downloads arbitrary external image/file URLs embedded via markdown (references/lark-doc-create.md and the image/file sections), which the agent is expected to read/interpret and can materially influence subsequent tool actions (search, update, media-download/insert, whiteboard operations).